This forum is now a read-only archive. All commenting, posting, registration services have been turned off. Those needing community support and/or wanting to ask questions should refer to the Tag/Forum map, and to http://spring.io/questions for a curated list of stackoverflow tags that Pivotal engineers, and the community, monitor.

LDAP authorities

Dec 9th, 2010, 05:55 AM

Hi everyone,

I am currently trying to query an Active Directory server. I am successfully authenticating the user but I am having problems when trying to get the userís roles.
The problem I'm having is that I don't know how to specify which attributes I want my LDAP query to return. In my case, I want my query to return all the attributes "memberOf" that a specific user has.

I used a program called Wireshark to intercept the LDAP query that I am sending to the server and my LDAP query returns 0 result. I have attached the request and response made to the LDAP server.

I also used a program called LDAP Browser that allows a user to make LDAP queries. When using this program, the LDAP query returns the values of the "memberOf" attributes correctly. I've also attached the screenshots for the LDAP queries intercepted by Wireshark

I'd take a look at the source of DefaultLdapAuthoritiesPopulator. If you look at the consturctor you are passing "CN=John Smith" as the group search base. You might try enabling debug for this class and see what it is actually using to search.

Comment

Thank you for your post. The query that DefaultLdapAuthoritiesPopulator uses seems fine (see LDAP_Request.JPG, attached in my first post). Is there any way I can specify in my applicationContext.xml which attributes I want the LDAP server to return?